/[gentoo]/xml/htdocs/doc/en/quick-samba-howto.xml
Gentoo

Diff of /xml/htdocs/doc/en/quick-samba-howto.xml

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.9 Revision 1.19
1<?xml version='1.0' encoding='UTF-8'?> 1<?xml version='1.0' encoding='UTF-8'?>
2<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/quick-samba-howto.xml,v 1.9 2004/08/01 11:40:20 swift Exp $ --> 2<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/quick-samba-howto.xml,v 1.19 2005/10/02 21:26:32 rane Exp $ -->
3<!DOCTYPE guide SYSTEM "/dtd/guide.dtd"> 3<!DOCTYPE guide SYSTEM "/dtd/guide.dtd">
4<guide link="quick-samba-howto.xml"> 4<guide link="quick-samba-howto.xml">
5<title>Gentoo Samba3/CUPS/Clam AV HOWTO</title> 5<title>Gentoo Samba3/CUPS/ClamAV HOWTO</title>
6<author title="Author"> 6<author title="Author">
7 <mail link="daff at dword dot org">Andreas "daff" Ntaflos</mail> 7 <mail link="daff at dword dot org">Andreas "daff" Ntaflos</mail>
8</author> 8</author>
9<author title="Author"> 9<author title="Author">
10 <mail link="joshua@sungentoo.homeunix.com">Joshua Preston</mail> 10 <mail link="joshua@sungentoo.homeunix.com">Joshua Preston</mail>
18 18
19<!-- The content of this document is licensed under the CC-BY-SA license --> 19<!-- The content of this document is licensed under the CC-BY-SA license -->
20<!-- See http://creativecommons.org/licenses/by-sa/1.0 --> 20<!-- See http://creativecommons.org/licenses/by-sa/1.0 -->
21<license/> 21<license/>
22 22
23<version>1.6</version> 23<version>1.12</version>
24<date>August 01, 2004</date> 24<date>2005-03-26</date>
25 25
26<chapter> 26<chapter>
27<title>Introduction to this HOWTO</title> 27<title>Introduction to this HOWTO</title>
28<section> 28<section>
29<title>Purpose</title> 29<title>Purpose</title>
107</p> 107</p>
108 108
109<ul> 109<ul>
110 <li>On the Samba server: 110 <li>On the Samba server:
111 <ul> 111 <ul>
112 <li>Install and configure CLAM-AV</li> 112 <li>Install and configure ClamAV</li>
113 <li>Install and configure Samba</li> 113 <li>Install and configure Samba</li>
114 <li>Install and configure CUPS</li> 114 <li>Install and configure CUPS</li>
115 <li>Adding the printer to CUPS</li> 115 <li>Adding the printer to CUPS</li>
116 <li>Adding the PS drivers for the Windows clients</li> 116 <li>Adding the PS drivers for the Windows clients</li>
117 </ul> 117 </ul>
157<p> 157<p>
158The main package we use here is net-fs/samba, however, you will need 158The main package we use here is net-fs/samba, however, you will need
159a kernel with smbfs support enabled in order to mount a samba or windows 159a kernel with smbfs support enabled in order to mount a samba or windows
160share from another computer. CUPS will be emerged if it is not already. 160share from another computer. CUPS will be emerged if it is not already.
161app-antivirus/clamav will be used also, but others should be easily adapted 161app-antivirus/clamav will be used also, but others should be easily adapted
162to work with Samba. 162to work with Samba. Gentoo's samba ebuild supports all kinds of virus scanning
163technologies, such as Sophos, FProt, Fsav, Trend, Icap, Nai, ...
163</p> 164</p>
164 165
165</body> 166</body>
166</section> 167</section>
167</chapter> 168</chapter>
176Before emerging anything, take a look at the various USE flags 177Before emerging anything, take a look at the various USE flags
177available to Samba. 178available to Samba.
178</p> 179</p>
179 180
180<pre caption="Samba uses the following USE Variables:"> 181<pre caption="Samba uses the following USE Variables:">
181kerberos mysql xml acl cups ldap pam readline python oav 182kerberos mysql xml acl cups ldap pam readline python oav libclamav
182</pre> 183</pre>
183 184
184<p> 185<p>
185Depending on the network topology and the specific requirements of 186Depending on the network topology and the specific requirements of
186the server, the USE flags outlined below will define what to include or 187the server, the USE flags outlined below will define what to include or
255 </ti> 256 </ti>
256</tr> 257</tr>
257<tr> 258<tr>
258 <th><b>readline</b></th> 259 <th><b>readline</b></th>
259 <ti> 260 <ti>
260 Link Samba again libreadline. This is highly recommended and should 261 Link Samba against libreadline. This is highly recommended and should
261 probably not be disabled 262 probably not be disabled
262 </ti> 263 </ti>
263</tr> 264</tr>
264<tr> 265<tr>
265 <th><b>python</b></th> 266 <th><b>python</b></th>
274 Provides on-access scanning of Samba shares with FRISK F-Prot 275 Provides on-access scanning of Samba shares with FRISK F-Prot
275 Daemon, Kaspersky AntiVirus, OpenAntiVirus.org ScannerDaemon, Sophos Sweep 276 Daemon, Kaspersky AntiVirus, OpenAntiVirus.org ScannerDaemon, Sophos Sweep
276 (SAVI), Symantec CarrierScan, and Trend Micro (VSAPI). 277 (SAVI), Symantec CarrierScan, and Trend Micro (VSAPI).
277 </ti> 278 </ti>
278</tr> 279</tr>
280<tr>
281 <th><b>libclamav</b></th>
282 <ti>
283 Use the ClamAV library instead of the clamd daemon
284 </ti>
285</tr>
279</table> 286</table>
280 287
281<p> 288<p>
282A couple of things worth mentioning about the USE flags and different 289A couple of things worth mentioning about the USE flags and different
283Samba functions include: 290Samba functions include:
335To optimize performance, size and the time of the build, the 342To optimize performance, size and the time of the build, the
336USE flags are specifically included or excluded. 343USE flags are specifically included or excluded.
337</p> 344</p>
338 345
339<pre caption="Emerge Samba"> 346<pre caption="Emerge Samba">
340<comment>(Note the USE flags!)</comment> 347# <i>echo "net-fs/samba oav readline cups pam" &gt;&gt; /etc/portage/package.use</i>
341# <i>USE=&quot;oav readline cups pam -python -ldap -kerberos -xml -acl -mysql&quot; emerge net-fs/samba</i> 348# <i>emerge net-fs/samba</i>
342</pre> 349</pre>
343 350
344<note> 351<note>
345The following archs will need to add <e>~</e> to their <e>KEYWORDS</e>: x86, 352The following archs will need to add <e>~</e> to their <e>KEYWORDS</e>: x86,
346ppc, sparc, hppa, ia64 and alpha 353ppc, sparc, hppa, ia64 and alpha
351</p> 358</p>
352 359
353</body> 360</body>
354</section> 361</section>
355<section> 362<section>
356<title>Emerging Clam AV</title> 363<title>Emerging ClamAV</title>
357<body> 364<body>
358 365
359<p> 366<p>
360Because the <e>oav</e> USE flag only provides an interface to allow on access 367Because the <e>oav</e> USE flag only provides an interface to allow on access
361virus scanning, the actual virus scanner must be emerged. The scanner 368virus scanning, the actual virus scanner must be emerged. The scanner
362used in this HOWTO is Clam AV. 369used in this HOWTO is ClamAV.
363</p> 370</p>
364 371
365<pre caption="Emerge clam-av"> 372<pre caption="Emerge Clamav">
366# <i>emerge app-antivirus/clamav</i> 373# <i>emerge app-antivirus/clamav</i>
367</pre> 374</pre>
368 375
369</body> 376</body>
370</section> 377</section>
413<pre caption="A Sample /etc/samba/smb.conf"> 420<pre caption="A Sample /etc/samba/smb.conf">
414[global] 421[global]
415<comment># Replace MYWORKGROUPNAME with your workgroup/domain</comment> 422<comment># Replace MYWORKGROUPNAME with your workgroup/domain</comment>
416workgroup = <comment>MYWORKGROUPNAME</comment> 423workgroup = <comment>MYWORKGROUPNAME</comment>
417<comment># Of course this has no REAL purpose other than letting 424<comment># Of course this has no REAL purpose other than letting
418# everyone know its not Windows! 425# everyone knows it's not Windows!
419# %v prints the version of Samba we are using.</comment> 426# %v prints the version of Samba we are using.</comment>
420server string = Samba Server %v 427server string = Samba Server %v
421<comment># We are going to use cups, so we are going to put it in here ;-)</comment> 428<comment># We are going to use cups, so we are going to put it in here ;-)</comment>
422printcap name = cups 429printcap name = cups
423printing = cups 430printing = cups
446<comment># We now will implement the on access virus scanner. 453<comment># We now will implement the on access virus scanner.
447# NOTE: By putting this in our [Global] section, we enable 454# NOTE: By putting this in our [Global] section, we enable
448# scanning of ALL shares, you could optionally move 455# scanning of ALL shares, you could optionally move
449# these to a specific share and only scan it.</comment> 456# these to a specific share and only scan it.</comment>
450 457
451<comment># For Samba 3.x</comment> 458<comment># For Samba 3.x. This enables ClamAV on access scanning.</comment>
452vfs object = vscan-clamav 459vfs object = vscan-clamav
453vscan-clamav: config-file = /etc/samba/vscan-clamav.conf 460vscan-clamav: config-file = /etc/samba/vscan-clamav.conf
454
455<comment># For Samba 2.2.x</comment>
456vfs object = /usr/lib/samba/vfs/vscan-clamav.so
457vfs options = config-file = /etc/samba/vscan-clamav.conf
458 461
459<comment># Now we setup our print drivers information!</comment> 462<comment># Now we setup our print drivers information!</comment>
460[print$] 463[print$]
461comment = Printer Drivers 464comment = Printer Drivers
462path = /etc/samba/printer <comment># this path holds the driver structure</comment> 465path = /etc/samba/printer <comment># this path holds the driver structure</comment>
463guest ok = no 466guest ok = yes
464browseable = yes 467browseable = yes
465read only = yes 468read only = yes
466<comment># Modify this to "username,root" if you don't want root to 469<comment># Modify this to "username,root" if you don't want root to
467# be the only printer admin)</comment> 470# be the only printer admin)</comment>
468write list = <i>root</i> 471write list = <i>root</i>
481 484
482<comment># Now we setup our printers share. This should be 485<comment># Now we setup our printers share. This should be
483# browseable, printable, public.</comment> 486# browseable, printable, public.</comment>
484[printers] 487[printers]
485comment = All Printers 488comment = All Printers
486browseable = yes 489browseable = no
487printable = yes 490printable = yes
491writable = no
488public = yes 492public = yes
489guest ok = yes 493guest ok = yes
490path = /var/spool/samba 494path = /var/spool/samba
491<comment># Modify this to "username,root" if you don't want root to 495<comment># Modify this to "username,root" if you don't want root to
492# be the only printer admin)</comment> 496# be the only printer admin)</comment>
514printer user, like <c>printeruser</c> or <c>printer</c> or 518printer user, like <c>printeruser</c> or <c>printer</c> or
515<c>printme</c> or whatever. It doesn't hurt and it will certainly 519<c>printme</c> or whatever. It doesn't hurt and it will certainly
516protect you from a lot of problems. 520protect you from a lot of problems.
517</warn> 521</warn>
518 522
523<warn>
524Turning on ClamAV on access scanning in the <c>[global]</c> section will slow
525down the performance of your Samba server dramatically.
526</warn>
527
519<p> 528<p>
520Now create the directories required for the minimum configuration of 529Now create the directories required for the minimum configuration of
521Samba to share the installed printer throughout the network. 530Samba to share the installed printer throughout the network.
522</p> 531</p>
523 532
557</pre> 566</pre>
558 567
559</body> 568</body>
560</section> 569</section>
561<section> 570<section>
562<title>Configuring Clam AV</title> 571<title>Configuring ClamAV</title>
563<body> 572<body>
564 573
565<p> 574<p>
566The configuration file specified to be used in <path>smb.conf</path> is 575The configuration file specified to be used in <path>smb.conf</path> is
567<path>/etc/samba/vscan-clamav.conf</path>. While these options are set 576<path>/etc/samba/vscan-clamav.conf</path>. While these options are set
623<comment>; an entry is invalidated after lru file entry lifetime (in seconds). 632<comment>; an entry is invalidated after lru file entry lifetime (in seconds).
624; (Default: 5)</comment> 633; (Default: 5)</comment>
625lru file entry lifetime = 5 634lru file entry lifetime = 5
626 635
627<comment>; socket name of clamd (default: /var/run/clamd)</comment> 636<comment>; socket name of clamd (default: /var/run/clamd)</comment>
628clamd socket name = /var/run/clamd 637clamd socket name = /tmp/clamd
638
639<comment>; port number the ScannerDaemon listens on</comment>
640oav port = 8127
629</pre> 641</pre>
630 642
631<p> 643<p>
632It is generally a good idea to start the virus scanner immediately. Add 644It is generally a good idea to start the virus scanner immediately. Add
633it to the <e>default</e> runlevel and then start the <c>clamd</c> service immediately. 645it to the <e>default</e> runlevel and then start the <c>clamd</c> service
646immediately. The service has two processes: freshclam keeps the virus definition
647database up to date while clamd is the actual anti-virus daemon. First you may
648want to set the paths of the logfiles so that it fits your needs.
649</p>
650
651<pre caption="Checking the location of the logfiles">
652# <i>vim /etc/clamd.conf</i>
653<comment>(Check the line "LogFile /var/log/clamd.log")</comment>
654# <i>vim /etc/freshclam.conf</i>
655<comment>(Check the line "UpdateLogFile /var/log/freshclam.log")</comment>
656# <i>vim /etc/conf.d/clamd</i>
657<comment>(Set "START_CLAMD=yes" and "START_FRESHCLAM=yes")</comment>
658</pre>
659
660<p>
661Now fire up the virus scanner.
634</p> 662</p>
635 663
636<pre caption="Add clamd to bootup and start it"> 664<pre caption="Add clamd to bootup and start it">
637# <i>rc-update add clamd default</i> 665# <i>rc-update add clamd default</i>
638# <i>/etc/init.d/clamd start</i> 666# <i>/etc/init.d/clamd start</i>
697<comment>(The following line is found near the end of the file. Uncomment it)</comment> 725<comment>(The following line is found near the end of the file. Uncomment it)</comment>
698application/octet-stream application/vnd.cups-raw 0 726application/octet-stream application/vnd.cups-raw 0
699</pre> 727</pre>
700 728
701<p> 729<p>
702Edit <path>/etc/cups/mime.convs</path> to uncomment some lines. 730Edit <path>/etc/cups/mime.types</path> to uncomment some lines.
703</p> 731</p>
704 732
705<pre caption="/etc/cups/mime.types"> 733<pre caption="/etc/cups/mime.types">
706<comment>(The following line is found near the end of the file. Uncomment it)</comment> 734<comment>(The following line is found near the end of the file. Uncomment it)</comment>
707application/octet-stream 735application/octet-stream
712</p> 740</p>
713 741
714<pre caption="Setting up the CUPS service" > 742<pre caption="Setting up the CUPS service" >
715<comment>(To start CUPS on boot)</comment> 743<comment>(To start CUPS on boot)</comment>
716# <i>rc-update add cupsd default</i> 744# <i>rc-update add cupsd default</i>
717<comment>(To start CUPS if it isn't started)</comment> 745<comment>(To start or restart CUPS now)</comment>
718# <i>/etc/init.d/cupsd start</i>
719<comment>(If CUPS is already started we'll need to restart it!)</comment>
720# <i>/etc/init.d/cupsd restart</i> 746# <i>/etc/init.d/cupsd restart</i>
721</pre> 747</pre>
722 748
723</body> 749</body>
724</section> 750</section>
977<section> 1003<section>
978<title>Printer configuration of *nix based clients</title> 1004<title>Printer configuration of *nix based clients</title>
979<body> 1005<body>
980 1006
981<p> 1007<p>
982Despite the variation or distribution, the only thing needed is CUPS. 1008Despite the variation or distribution, the only thing needed is CUPS. Do the
983Do the equivalent on any other UNIX/Linux/BSD client. 1009equivalent on any other UNIX/Linux/BSD client.
984</p> 1010</p>
985 1011
986<pre caption="Configuring a Gentoo system"> 1012<pre caption="Configuring a Gentoo system">
987# <i>emerge cups</i> 1013# <i>emerge cups</i>
988# <i>/etc/init.d/cupsd start</i> 1014# <i>nano -w /etc/cups/client.conf</i>
989# <i>rc-update add cupsd default</i> 1015ServerName <i>PrintServer</i> <comment># your printserver name</comment>
990</pre> 1016</pre>
991 1017
992<p>
993That should be it. Nothing else will be needed. Just point your web
994browser to <c>http://localhost:631</c> on the client and you'll see that
995PrintServer broadcasts all available printers to all CUPS clients.
996</p> 1018<p>
997 1019That should be it. Nothing else will be needed.
998<p> 1020</p>
999To print, use for example 1021
1000</p> 1022<p>
1023If you use only one printer, it will be your default printer. If your print
1024server manages several printers, your administrator will have defined a default
1025printer on the server. If you want to define a different default printer for
1026yourself, use the <c>lpoptions</c> command.
1027</p>
1028
1029<pre caption="Setting your default printer">
1030<comment>(List available printers)</comment>
1031# <i>lpstat -a</i>
1032<comment>(Sample output, yours will differ)</comment>
1033HPDeskJet930C accepting requests since Jan 01 00:00
1034laser accepting requests since Jan 01 00:00
1035<comment>(Define HPDeskJet930C as your default printer)</comment>
1036# <i>lpoptions -d HPDeskJet930C</i>
1037</pre>
1001 1038
1002<pre caption="Printing in *nix"> 1039<pre caption="Printing in *nix">
1040<comment>(Specify the printer to be used)</comment>
1003# <i>lpr -pHPDeskJet930C anything.txt</i> 1041# <i>lp -d HPDeskJet930C anything.txt</i>
1004# <i>lpr -PHPDeskJet930C foobar.whatever.ps</i> 1042<comment>(Use your default printer)</comment>
1005</pre>
1006
1007<p>
1008In order to setup a default printer, you have to edit
1009<path>/etc/cups/client.conf</path> and set the directive
1010<c>ServerName</c> to your printserver. In the case of this guide that
1011would be the following example.
1012</p>
1013
1014<pre caption="/etc/cups/client.conf">
1015ServerName PrintServer
1016</pre>
1017
1018<p>
1019The following will print <path>foorbar.whatever.ps</path> directly to the print
1020server.
1021</p>
1022
1023<pre caption="Printing to the default printer">
1024$ <i>lpr foobar.whatever.ps</i> 1043# <i>lp foobar.whatever.ps</i>
1025</pre> 1044</pre>
1026 1045
1027<p>
1028Some common observations when setting a default printer in this manner
1029include the following:
1030</p> 1046<p>
1031 1047Just point your web browser to <c>http://printserver:631</c> on the client if
1032<ul> 1048you want to manage your printers and their jobs with a nice web interface.
1033 <li> 1049Replace <c>printserver</c> with the name of the <e>machine</e> that acts as
1034 Setting the <c>ServerName</c> in <path>client.conf</path> seems to 1050your print server, not the name you gave to the cups print server if you used
1035 work well for only one printer, there may be yet another way to 1051different names.
1036 set a client's default remote printer. 1052</p>
1037 </li>
1038 <li>
1039 Also, when accessing <c>http://localhost:631</c> on the client
1040 now, no printers seem to be "found" by the client-CUPS. This is to
1041 be expected when setting <c>ServerName</c> in
1042 <path>client.conf</path>.
1043 </li>
1044</ul>
1045 1053
1046</body> 1054</body>
1047</section> 1055</section>
1048<section> 1056<section>
1049<title>Mounting a Windows or Samba share in GNU/Linux</title> 1057<title>Mounting a Windows or Samba share in GNU/Linux</title>

Legend:
Removed from v.1.9  
changed lines
  Added in v.1.19

  ViewVC Help
Powered by ViewVC 1.1.20